The French presidential election has been hit with a case of déjà vu. Emmanuel Macron’s campaign said its staff received phishing emails meant to steal their passwords.

Trend Micro said in a report set to be published today that they have found evidence of a phishing attack targeting French presidential candidate Emmanuel Macron. The emails and fake sites sites could have tricked campaign staff into entering their credentials and allow malware to infect their computers, their researchers stated.

Macron, of the relatively new “En Marche” party which translates to “on the move”, will be in a runoff on May 7 against National Front candidate Marine Le Pen for the French presidency. Macron’s campaign confirmed to the Wall Street Journal that its staffers received emails leading to fraudulent websites, but that the attempts were blocked, but who knows if they really were.

The hacking group behind the phishing attempts was Russian APT28, a group tracked for years by many security researchers. This group of criminal hackers is also known as Pawn Storm, Sofacy, Strontium, Fancy Bear, and SecureWorks calls them “IRON TWILIGHT“. Here is a backgrounder on APT28.

As part of the attack, hackers set up multiple internet addresses that mimicked those of the campaign’s own servers in an attempt to lure Mr. Macron’s staffers into turning over their network passwords, said Feike Hacquebord, a senior threat researcher for Tokyo-based Trend Micro and the author of the report, a copy of which was reviewed by The Wall Street Journal.

Security researchers state it is highly likely APT28 are supported by the Russian Government, specifically the GRU which is the Russian military intelligence arm, the counterpart of the FSB (former KGB). APT28 “active measures” were trying to influence U.S. presidential elections and at the moment try to do the same thing in France and Germany. Kremlin spokespeople deny everything vehemently. Yeah, sure.

What to do about It

SecureWorks recommends the following excellent best practices to prevent network compromise:

The experience of our Network Engineers and Technicians, combined with our strategic partnerships, allows us the ability to competently evaluate all of your organization’s IT support needs and design effective IT Solutions.Click here to learn more about our IT Support services